Audit Log Reference Codes
The Keyfactor Command audit logs are a record of historical changes that have been made within the product to key systems. The following shows the full list of currently audited areas (areas of the product) and operations (types of activity). The equivalent numeric codes are included for those interested in viewing or analyzing raw log data.
Operations
The type of operation performed.
Table 56: Audit Operations
|
Value |
Description |
|---|---|
|
1 |
Created |
|
2 |
Updated |
|
3 |
Deleted |
|
4 |
Approved |
|
5 |
Denied |
|
6 |
Revoked |
|
7 |
Downloaded |
|
8 |
|
|
9 |
Renewed |
|
10 |
Encountered |
|
11 |
Scheduled Replacement |
|
12 |
Recovered |
|
13 |
Imported |
|
14 |
Removed from Hold |
| 15 | Scheduled Add |
| 16 | Scheduled Removal |
| 17 | Download with Private Key |
| 18 | Scheduled |
| 19 | Reset |
| 20 | Disapproved |
| 21 | Restarted |
| 22 | Sent |
| 23 | Failed |
| 24 | Completed |
| 25 | Rejected |
Categories
The area of the product in which the auditable activity occurred. The subcategory name is primarily used in the Keyfactor API A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. or when reviewing downloaded CSV files.
Table 57: Audit Categories
|
Value |
Subcategory Name |
Description |
|---|---|---|
|
2001 |
Certificate |
Certificate |
|
2001 |
AuditingCertificateScheduledReplacement |
Auditing Certificate Scheduled Replacement |
|
2001 |
AuditingCertificateRequest |
Certificate Request |
|
2002 |
ApiApplication |
API Application |
|
2003 |
Template A certificate template defines the policies and rules that a CA uses when a request for a certificate is received.
|
Template |
|
2004 |
CertificateQuery | |
|
2005 |
ExpirationAlert |
Expiration Alert |
|
2005 |
ExpirationAlertDefinitionContextModel |
Expiration Alert |
|
2006 |
PendingAlert |
Pending Alert |
|
2006 |
PendingAlertDefinitionContextModel |
Pending Alert |
|
2007 |
ApplicationSetting |
Application Setting |
|
2008 |
IssuedAlert |
Issued Alert |
|
2008 |
IssuedAlertDefinitionContextModel |
Issued Alert |
|
2009 |
DeniedAlert |
Denied Alert |
|
2009 |
DeniedAlertDefinitionContextModel |
Denied Alert |
|
2010 |
ADIdentityModel |
Security Identity |
|
2011 |
SecurityRole |
Security Role |
|
2012 |
AuthorizationFailure |
Authorization Failure |
|
2013 |
CertificateSigningRequest | |
|
2014 |
ServerGroup | |
|
2015 |
Server |
SSH Server |
| 2016 | DiscoveredKey | Rogue Key A rogue key, in the context of Keyfactor Command, is an SSH public key that appears in an authorized_keys file on a server managed by the SSH orchestrator without authorization. for Logon |
| 2016 | Key | SSH Key |
|
2017 |
ServiceAccount |
SSH Service Account |
|
2018 |
Logon |
SSH Logon |
|
2019 |
SshUser |
SSH User |
|
2020 |
KeyRotationAlertDefinitionContextModel |
SSH Key Rotation Alert |
| 2021 | CertificateStore | Certificate Store |
| 2022 | JobType | Orchestrator Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores. Job Type |
| 2023 | AgentSchedule | Orchestrator Job |
| 2024 | BulkAgentSchedule | Bulk Orchestrator Job |
| 2025 | CertificateStoreContainer | Store Container |
| 2026 | Agent | Orchestrator |
| 2027 | RevocationMonitoring | Monitoring |
| 2028 | License | License |
| 2029 | WorkflowDefinition | Workflow A workflow is a series of steps necessary to complete a process. In the context of Keyfactor Command, it refers to the workflow builder, which allows you automate event-driven tasks when a certificate is requested or revoked. Definition |
| 2030 | WorkflowInstance | Workflow Instance |
| 2031 | WorkflowInstanceSignal | Workflow Instance Signal |
